100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Summary A.P3 Explain why organisations must adhere to legal requirements when considering IT systems security. | UNIT 7: IT SYSTEMS SECURITY AND ENCRYPTION | BTEC Computing £4.49   Add to cart

Summary

Summary A.P3 Explain why organisations must adhere to legal requirements when considering IT systems security. | UNIT 7: IT SYSTEMS SECURITY AND ENCRYPTION | BTEC Computing

 1008 views  10 purchases

A.P3 Explain why organisations must adhere to legal requirements when considering IT systems security. UNIT 7: IT SYSTEMS SECURITY AND ENCRYPTION | BTEC Computing

Preview 1 out of 4  pages

  • March 28, 2021
  • 4
  • 2018/2019
  • Summary
All documents for this subject (38)
avatar-seller
BTECcomputingANDbusiness
P3 Legal requirements: IT
systems security
As an online software company which deals with money transfer, you will need to follow a number
of legal legislation as you are dealing with highly confidential information in bank account details.
These requirements relate to how the data is used, to how it is stored and must be followed closely
to avoid prosecution from the authorities. Prosecution takes the form of fines and possible
imprisonment, as not following these requirements is breaking the law. The main IT security
legislation is listed below:

Data Protection Act 2018 - General Data Protection Regulation (GDPR)

This legislation replaces the old ‘Data protection act 1998’ and acts to control how businesses,
organisations or governments use your personal data when stored on computer systems or on hard
copies. In your company you must follow the ‘data protection principles’, which can be split into 6
sections:

1. Used fairly, lawfully and transparently - all data that is stored must be used with an honest
reason, within the law and the need to use it must be made clear.
2. Used for specified, explicit purposes - you must state clearly the reason to use any data, and
this reason must be clear.
3. Used in a way that is adequate, relevant and limited to only what is necessary - the data
must be used only to complete what is necessary and nothing more; its use should be
acceptable and appropriate.
4. Accurate and, where necessary, kept up to date - all data which is stored must be updated
when needed to keep all the information accurate. This includes any changes to mobile
numbers or addresses - these must all be kept up-to-date.
5. Kept for no longer than is necessary - all data should only be stored when it is needed, for
example when you are dealing with a client. But when you no longer need this information
on the client it must be destroyed/deleted as it is no longer necessary to have such
information about someone/ or their business.
6. Handled in a way that ensures appropriate security, including protection against unlawful
or unauthorised processing, access, loss, destruction or damage - as a company or
organisation all data must be secure and have suitable protection. It should only be able to
be seen by authorised personnel, whilst not being subject to loss, destruction or damage.

An example of an organisation not following GDPR regulations is
certain NHS trusts across the UK. They could face fines from the
‘Information Commissioner’s Office (ICO) after they had failed to
pay the new data protection fee. As a company, we would need to
abide by these regulations to avoid any financial penalties.

Alongside these principles, people have rights to find out what
sort of information the organisation or business stores about
them. As an online software company, you will have to disclose
any information you store about anyone (if they wish to be


Unit 7: IT Systems Security and Encryption

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller BTECcomputingANDbusiness. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £4.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67474 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£4.49  10x  sold
  • (0)
  Add to cart